---
title: "Claude Mythos: Everything We Know About Anthropic's Unreleased AI Model"
description: Anthropic's leaked Mythos model introduces the Capybara tier above Opus, with cybersecurity capabilities that sent CrowdStrike and Palo Alto stocks tumbling.
author: Darie Nani (Editor-in-Chief)
date: 2026-03-27T21:08:30.734Z
updated: 2026-07-01T08:15:01.099Z
canonical: https://www.sovereignmagazine.com/article/claude-mythos-anthropic-new-model
image: https://cdn.nanimediahouse.com/claude-mythos-featured.webp
categories: Artificial Intelligence
content_type: News
region: San Francisco
publication: Sovereign Magazine
about:
  - type: Organization
    name: Anthropic
---

**Update, April 15, 2026: **Anthropic has since previewed Mythos through a cybersecurity program called Project Glasswing. The "thousands of zero-days" framing rests on 198 manually reviewed reports and a statistical extrapolation. The headline OpenBSD finding required about 1,000 scaffold runs and under $20,000 in compute. See our follow-up for the full breakdown: [Claude Mythos Found a 27-Year-Old Bug. It Cost $20,000 and 1,000 Tries.](https://www.sovereignmagazine.com/article/claude-mythos-27-year-bug-cost).

Anthropic is testing a new AI model called Claude Mythos. The company did not intend to announce it this way. On Thursday 26 March, [Fortune reported](https://fortune.com/2026/03/26/anthropic-says-testing-mythos-powerful-new-ai-model-after-data-leak-reveals-its-existence-step-change-in-capabilities/) that details of the model had been sitting in a publicly accessible, unsecured content management system alongside nearly 3,000 other unpublished assets. Two independent researchers found the material before Anthropic secured it.

An Anthropic spokesperson confirmed the model exists, calling it "a step change" in AI performance and "the most capable we've built to date." It is currently being tested with early access customers. No public release date has been announced.

Here is everything that has been reported so far.

## A new tier above Opus

Mythos is not just a new model. It introduces a new tier called Capybara, which sits above Anthropic's current flagship line of Opus, Sonnet and Haiku models.

A leaked draft blog post, [reviewed by Fortune](https://fortune.com/2026/03/26/anthropic-leaked-unreleased-model-exclusive-event-security-issues-cybersecurity-unsecured-data-store/), described the performance gap directly: "Compared to our previous best model, Claude Opus 4.6, Capybara gets dramatically higher scores on tests of software coding, academic reasoning, and cybersecurity, among others."

An Anthropic spokesperson described Mythos as "a general purpose model with meaningful advances in reasoning, coding, and cybersecurity." No benchmark scores or parameter counts have been published.

## Cybersecurity capabilities

The most striking claim in the leaked draft concerns cybersecurity. Anthropic described Mythos as "currently far ahead of any other AI model in cyber capabilities" and warned that it "presages an upcoming wave of models that can exploit vulnerabilities in ways that far outpace the efforts of defenders."

The model can reportedly surface [previously unknown vulnerabilities in production codebases](https://www.sovereignmagazine.com/article/anthropic-fable-5-returns-export-ban-lifted). Anthropic acknowledged this is [dual-use](https://www.sovereignmagazine.com/article/anthropic-alibaba-distillation-export-ban): the same capability that helps defenders harden their systems also gives attackers a tool for finding exploits at scale.

The draft said Anthropic's release strategy would prioritise defence. "We're releasing it in early access to organisations, giving them a head start in improving the robustness of their codebases," the document stated. Early access is restricted to organisations focused on cyber defence.

This is not entirely new territory. When Anthropic released Opus 4.6 in February 2026, the model already demonstrated an ability to surface previously unknown vulnerabilities. OpenAI's GPT-5.3-Codex, released the same week, was the first model OpenAI classified as "high capability" for cybersecurity under its Preparedness Framework. Mythos appears to represent another step beyond both.

## How the leak happened

Anthropic's content management system stored all website content, including blog posts, images and documents, in a central system accessible without authentication. Digital assets created in the CMS were set to public by default. Unless a user explicitly changed the setting, unpublished drafts were assigned a publicly accessible URL.

Anyone with technical knowledge could query the system and retrieve material that had never been published to Anthropic's website. Roy Paz, a senior AI security researcher at LayerX Security, and Alexandre Pauwels, a cybersecurity researcher at the University of Cambridge, independently located and reviewed the exposed data.

In total, Pauwels found close to 3,000 unpublished assets. Beyond the Mythos draft, the cache included details of an invite-only CEO summit in Europe, part of Anthropic's enterprise sales push, along with internal images, documents and other product announcements.

Anthropic attributed the issue to "human error in the CMS configuration" and said it was "unrelated to Claude, Cowork, or any Anthropic AI tools." The company secured the data after Fortune made contact on Thursday evening.

The irony was not lost on observers. A company announcing a model it believes poses "unprecedented cybersecurity risks" had [left the announcement itself in an unsecured database](https://www.sovereignmagazine.com/article/anthropic-claude-code-source-code-leak).

## Market impact

Cybersecurity stocks fell sharply on Friday after the Mythos reports. The iShares Cybersecurity ETF (IHAK) dropped 3%. CrowdStrike and Palo Alto Networks fell 7%. Zscaler and SentinelOne dropped more than 8%. Tenable fell nearly 11%.

The sell-off reflects a broader pattern. Cybersecurity stocks had already declined in February after Anthropic launched a code-scanning security tool for Claude. The concern is straightforward: if AI models can find vulnerabilities faster than human security teams, the value proposition of existing cybersecurity products changes.

## What we do not know

Several significant details remain unreported:

- **Benchmark scores.** The leaked draft referenced "dramatically higher scores" against Opus 4.6 but did not include specific numbers.
- **Parameter count.** No information about the model's size has been disclosed.
- **Pricing.** No API pricing or tier structure has been announced for Capybara.
- **Release timeline.** Anthropic has said only that the model is in early access testing. No public availability date has been given.
- **How Capybara relates to existing tiers.** Whether Capybara replaces Opus at the top of the lineup or sits alongside it as a separate, more expensive tier is unclear.

**Update: **Some of these gaps have since been filled. Anthropic's April Mythos Preview confirms the cybersecurity focus, the use of Project Glasswing as the release vehicle, and the compute figures behind the most-cited findings. Benchmark scores, parameter count, and the general availability timeline remain unreported. Full analysis of the preview: [Claude Mythos Found a 27-Year-Old Bug. It Cost $20,000 and 1,000 Tries.](https://www.sovereignmagazine.com/article/claude-mythos-27-year-bug-cost).

## FAQ

**Q: What is Claude Mythos?**
Claude Mythos is an unreleased AI model from Anthropic, described internally as "a step change" in AI performance and the most capable model the company has built. It is the first model in a new tier called Capybara, which sits above Anthropic's current Opus line. Anthropic confirmed it is being tested with early access customers but has not announced a public release date.

**Q: What is Claude Capybara?**
Capybara is a new model tier introduced by Anthropic that sits above its existing Opus, Sonnet and Haiku tiers. According to a leaked draft blog post, Capybara models score "dramatically higher" than Opus 4.6 on tests of software coding, academic reasoning and cybersecurity. Claude Mythos is the first model in this tier.

**Q: Is Claude Mythos a cybersecurity risk?**
Anthropic's own internal draft described Mythos as posing "unprecedented cybersecurity risks." The model is reportedly "far ahead of any other AI model in cyber capabilities" and can surface previously unknown vulnerabilities in production codebases. This capability is dual-use: it can help defenders harden systems but could also be used by attackers to find exploits at scale. Anthropic is restricting early access to cyber defence organisations.

**Q: When will Claude Mythos be released?**
No public release date has been announced. Anthropic confirmed in March 2026 that the model is being tested with a limited group of early access customers, with priority given to organisations focused on cybersecurity defence. The company has not indicated when broader access will be available.
